Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs

Linux Kernel Route Cache Entry Remote Denial Of Service Vulnerability

Solution:
This issue has reportedly been addressed in the latest prepatch (2.4.21) for the stable Linux kernel tree.

Mandrake Linux have released a security advisory (MDKSA-2003:074) to address this issue. Further details regarding downloading and applying these fixes can be found in the referenced advisory. Fixes are linked below.

Mandrake has issued a kernel upgrade that is patched. Please see the advisory linked to in the reference section (MDKSA-2003:066-1) for further information.

Red Hat has released advisory RHSA-2003:172-00 and fixes to address this issue. See referenced advisory for additional details.

EnGarde has released an advisory. Information about obtaining fixes can be found in the referenced advisory (ESA-20030515-017).

Conectiva has released advisory CLSA-2003:657 to address this issue.

Red Hat Linux has released a new advisory RHSA-2003:145-01. Users are advised to upgrade vulnerable systems with the fix information provided in the referenced advisory. Updates to packages are available through the Red Hat Network.

Red Hat Linux has released a new advisory RHSA-2003:187-01. Affected users are advised to upgrade to newer kernel packages. Further information is available in the referenced advisory.

Debian has issued a kernel upgrade that is patched. Please see the advisories linked to in the reference section (DSA-311-1 and DSA 312-1) for URLs to fixes.

Debian has released a new advisory DSA 332-1. Information about obtaining and applying fixes is available in the referenced advisory.

Debian has announced in DSA 336-2 that advisory DSA 336-1 does not address this issue.

Conectiva has released advisory CLA-2003:701 to address this issue. See referenced advisory for additional details and fix information.

Gentoo has released advisory 200308-01 to address this issue. Affected users are advised to execute the following commands:

emerge sync
emerge gentoo-sources
emerge clean

RHBA-2003:263-05 (for non-Enterprise Red Hat distributions) has been released to address unrelated bugs but provides Kernel updates that include more recent fixes for this and other security vulnerabilities.

Conectiva has released a security advisory (CLA-2003:796) containing fixes to address this issue in Conectiva Linux 8.

Debian has released DSA 442-1 to provide fixes for s390 platforms. Please see the attached advisory for further information.


RedHat kernel-2.4.18-3.i686.rpm

RedHat kernel-2.4.2-2.i386.rpm

RedHat kernel-source-2.4.18-14.i386.rpm

RedHat kernel-bigmem-2.4.18-14.i686.rpm

RedHat kernel-BOOT-2.4.7-10.i386.rpm

RedHat kernel-doc-2.4.2-2.i386.rpm

RedHat kernel-2.4.20-8.athlon.rpm

RedHat kernel-source-2.4.2-2.i386.rpm

RedHat kernel-2.4.7-10.athlon.rpm

RedHat kernel-doc-2.4.18-3.i386.rpm

RedHat kernel-BOOT-2.4.20-8.i386.rpm

RedHat kernel-2.4.20-8.i586.rpm

RedHat kernel-2.4.7-10.i686.rpm

RedHat kernel-bigmem-2.4.20-8.i686.rpm

RedHat kernel-source-2.4.20-8.i386.rpm

RedHat kernel-2.4.20-8.i686.rpm

RedHat kernel-BOOT-2.4.18-3.i386.rpm

RedHat kernel-doc-2.4.18-14.i386.rpm

RedHat kernel-BOOT-2.4.2-2.i386.rpm

RedHat kernel-2.4.7-10.i386.rpm

RedHat kernel-2.4.18-3.athlon.rpm

RedHat kernel-2.4.18-3.i386.rpm

RedHat kernel-bigmem-2.4.18-3.i686.rpm

RedHat kernel-source-2.4.7-10.i386.rpm

RedHat kernel-2.4.18-14.i586.rpm

RedHat kernel-2.4.18-14.i686.rpm

RedHat kernel-doc-2.4.20-8.i386.rpm

RedHat kernel-BOOT-2.4.18-14.i386.rpm

RedHat kernel-2.4.18-14.athlon.rpm

RedHat kernel-2.4.2-2.i686.rpm

MandrakeSoft Multi Network Firewall 2.0

MandrakeSoft Corporate Server 2.1

Linux kernel 2.4.17

Linux kernel 2.4.18

Linux kernel 2.4.18 x86

Linux kernel 2.4.19

Linux kernel 2.4.20

Linux kernel 2.4.21 pre4

Sun Linux 5.0

Sun Linux 5.0.3

Sun Linux 5.0.5

MandrakeSoft Linux Mandrake 8.2

MandrakeSoft Linux Mandrake 8.2 ppc

MandrakeSoft Linux Mandrake 9.1 ppc

MandrakeSoft Linux Mandrake 9.1







 

Privacy Statement
Copyright 2008, SecurityFocus